BABYSPLOIT – A BEGINNER PENTESTING TOOL

BABYSPLOIT INTRO:-

BabySploit is a pentesting toolkit used in the initial phase of pentesting. BabySploit covers almost every kind of scan. The tool is a bundle of many small tools. It is meant for people who are new to hacking and want to learn the initial phases of pentesting, as per an ethical hacking expert from the International Institute of Cyber Security.

INSTALLING BABYSPLOIT:-

IF YOU ARE NOT USING KALI LINUX FOLLOW BELOW STEPS TO INSTALL BABYSPLOIT:-

If you are running any other Linux distro, you need to clone the tool from GitHub.

After scanning the target, dnslookup has found some records which can be used in other hacking activities.

NOW WE WILL TAKE THE RACCOON TOOL:-

Raccoon is a tool used in information gathering. It is mostly used to show DNS records, run a port scan and run a URL fuzzer.

To use raccoon, type raccoon --help.

[babysploit]> raccoon --help
Usage: raccoon [OPTIONS] TARGET

Options:
  --version                     Show the version and exit.
  -d, --dns-records TEXT        Comma separated DNS records to query.
                                Defaults to: A,MX,NS,CNAME,SOA,TXT
  --tor-routing                 Route HTTP traffic through Tor (uses port
                                9050). Slows total runtime significantly
  --proxy-list TEXT             Path to proxy list file that would be used
                                for routing HTTP traffic. A proxy from the
                                list will be chosen at random for each
                                request. Slows total runtime
  -c, --cookies TEXT            Comma separated cookies to add to the
                                requests. Should be in the form of key:value
                                Example: PHPSESSID:12345,isMobile:false
  --proxy TEXT                  Proxy address to route HTTP traffic through.
                                Slows total runtime
  -w, --wordlist TEXT           Path to wordlist that would be used for URL
                                fuzzing
  -T, --threads INTEGER         Number of threads to use for URL
                                Fuzzing/Subdomain enumeration. Default: 25
  --ignored-response-codes TEXT Comma separated list of HTTP status code to
                                ignore for fuzzing. Defaults to:
                                302,400,401,402,403,404,503,504
  --subdomain-list TEXT         Path to subdomain list file that would be
                                used for enumeration
  -sc, --scripts                Run Nmap scan with -sC flag
  -sv, --services               Run Nmap scan with -sV flag
  -f, --full-scan               Run Nmap scan with both -sV and -sC
  -p, --port TEXT               Use this port range for Nmap scan instead of
                                the default
  --vulners-nmap-scan           Perform an NmapVulners scan. Runs instead of
                                the regular Nmap scan and is longer.
  --vulners-path TEXT           Path to the custom nmap_vulners.nse script. If
                                not used, Raccoon uses the built-in script it
                                ships with.
  -fr, --follow-redirects       Follow redirects when fuzzing. Default: False
                                (will not follow redirects)
  --tls-port INTEGER            Use this port for TLS queries. Default: 443
  --skip-health-check           Do not test for target host availability
  --no-url-fuzzing              Do not fuzz URLs
  --no-sub-enum                 Do not bruteforce subdomains
  --skip-nmap-scan              Do not perform an Nmap scan
  -q, --quiet                   Do not output to stdout
  -o, --outdir TEXT             Directory destination for scan output
  --help                        Show this message and exit.

To check the version of raccoon, type raccoon --version.

[babysploit]> raccoon --version
raccoon, version 0.8.5

Raccoon Default Scan:-

To run raccoon against a target, type raccoon <Target URL>.

For example, type raccoon testphp.vulnweb.com

===================SNIP======================

======================SNIP==================

In the above screenshots, raccoon has found some DNS records, web application URLs and the language in which the target web application was developed.

The above information can be used in other hacking activities. Getting an admin URL can enable a brute force attack on the target website.

Raccoon Full Scan:-

Type raccoon --full-scan testphp.vulnweb.com

=====================SNIP=====================

===================SNIP====================

After executing the above command, the "--full-scan" option makes raccoon gather as much information as it can. The above information could be used by remote attackers in other hacking activities.

Raccoon has found all the open ports of the target, which makes it easy for an attacker to attack the website.

RACCOON SKIP NMAP SCAN:-

Type raccoon --skip-nmap-scan

====================SNIP=====================

Using "--skip-nmap-scan" means raccoon will not use nmap queries to scan the target. Raccoon will only use the URL fuzzer to grab all the target's URLs.

All URLs grabbed by the URL fuzzer can be used in creating phishing pages to take the credentials of the target's clients.
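URL fuzzing of this kind is loud on the server side: every probe the fuzzer discards still produces an access-log line. As an added example (my own code, not part of the article or of BabySploit/Raccoon), the Python below parses constructed access-log lines and flags any client that hits many distinct paths with the status codes raccoon ignores by default; the sample addresses, paths and thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed combined-format access log lines (not from the article): 198.51.100.7 is a
# constructed client walking a wordlist, 203.0.113.5 an ordinary visitor.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /backup HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "GET /config HTTP/1.1" 403 162 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "GET /login HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:55:38 +0000] "GET /phpmyadmin HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:55:39 +0000] "GET /.git HTTP/1.1" 404 162 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:56:02 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0"
"""
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3})')

# The codes raccoon's --ignored-response-codes discards by default: the fuzzer hides them
# from its operator, but every one of them still lands in the web server's log.
NOISY_STATUSES = {302, 400, 401, 402, 403, 404, 503, 504}

def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m["ip"], "ts": ts, "path": m["path"], "status": int(m["status"])}

def find_fuzzing_sources(log_text, window_seconds=60, min_distinct_paths=5):
    """Return {ip: n} for clients that hit at least min_distinct_paths distinct paths
    answered with a noisy status code inside any span of window_seconds."""
    per_ip = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["status"] in NOISY_STATUSES:
            per_ip[rec["ip"]].append(rec)
    flagged = {}
    for ip, recs in per_ip.items():
        recs.sort(key=lambda r: r["ts"])
        start = 0
        for end in range(len(recs)):  # sliding window over time-ordered noisy hits
            while (recs[end]["ts"] - recs[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            distinct = {r["path"] for r in recs[start:end + 1]}
            if len(distinct) >= min_distinct_paths:
                flagged[ip] = max(flagged.get(ip, 0), len(distinct))
    return flagged
```

On the constructed sample, only 198.51.100.7 is flagged (five distinct error paths in a few seconds); the ordinary visitor's single 404 for favicon.ico stays below the threshold.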

NOW WE WILL TALK ABOUT THE SEARCHSPLOIT TOOL:-

Searchsploit will show you the types of exploits that can be used in exploiting operating systems. Searchsploit consists of a big list, as shown below.

After creating the subdomain, a fake phishing page has been created. The most common attacks are done using phishing pages, as per research done by the ethical hacking group of the International Institute of Cyber Security.

In the above screenshot, a phishing page has been created. Phishing pages are among the most common attacks.

Most users receive these phishing pages via their email or mobile chat applications.